{
  "version": "15.0.0",
  "vulnerabilities": [
    {
      "id": "1",
      "category": "sast",
      "name": "Predictable pseudorandom number generator",
      "message": "Predictable pseudorandom number generator",
      "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:47:PREDICTABLE_RANDOM",
      "severity": "Medium",
      "confidence": "Medium",
      "scanner": {
        "id": "find_sec_bugs",
        "name": "Find Security Bugs"
      },
      "location": {
        "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy",
        "start_line": 47,
        "end_line": 47,
        "class": "com.gitlab.security_products.tests.App",
        "method": "generateSecretToken2"
      },
      "identifiers": [
        {
          "type": "find_sec_bugs_type",
          "name": "Find Security Bugs-PREDICTABLE_RANDOM",
          "value": "PREDICTABLE_RANDOM",
          "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM"
        }
      ]
    },
    {
      "id": "2",
      "category": "sast",
      "name": "Predictable pseudorandom number generator",
      "message": "Predictable pseudorandom number generator",
      "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:41:PREDICTABLE_RANDOM",
      "severity": "Low",
      "confidence": "Low",
      "scanner": {
        "id": "find_sec_bugs",
        "name": "Find Security Bugs"
      },
      "location": {
        "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy",
        "start_line": 41,
        "end_line": 41,
        "class": "com.gitlab.security_products.tests.App",
        "method": "generateSecretToken1"
      },
      "identifiers": [
        {
          "type": "find_sec_bugs_type",
          "name": "Find Security Bugs-PREDICTABLE_RANDOM",
          "value": "PREDICTABLE_RANDOM",
          "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM"
        }
      ]
    },
    {
      "id": "3",
      "category": "sast",
      "name": "ECB mode is insecure",
      "message": "ECB mode is insecure",
      "description": "The cipher uses ECB mode, which provides poor confidentiality for encrypted data",
      "cve": "ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE:java-maven/src/main/java/com/gitlab/security_products/tests/App.java:29",
      "severity": "Medium",
      "confidence": "High",
      "scanner": {
        "id": "find_sec_bugs",
        "name": "Find Security Bugs"
      },
      "location": {
        "file": "java-maven/src/main/java/com/gitlab/security_products/tests/App.java",
        "start_line": 29,
        "end_line": 29,
        "class": "com.gitlab.security_products.tests.App",
        "method": "insecureCypher"
      },
      "identifiers": [
        {
          "type": "find_sec_bugs_type",
          "name": "Find Security Bugs-ECB_MODE",
          "value": "ECB_MODE",
          "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE"
        },
        {
          "type": "cwe",
          "name": "CWE-327",
          "value": "327",
          "url": "https://cwe.mitre.org/data/definitions/327.html"
        }
      ]
    },
    {
      "id": "4",
      "category": "sast",
      "name": "Hard coded key",
      "message": "Hard coded key",
      "description": "Hard coded cryptographic key found",
      "cve": "102ac67e0975ecec02a056008e0faad8:HARD_CODE_KEY:scala-sbt/src/main/scala/example/Main.scala:12",
      "severity": "Medium",
      "confidence": "High",
      "scanner": {
        "id": "find_sec_bugs",
        "name": "Find Security Bugs"
      },
      "location": {
        "file": "scala-sbt/src/main/scala/example/Main.scala",
        "start_line": 12,
        "end_line": 12,
        "class": "example.Main$",
        "method": "getBytes"
      },
      "identifiers": [
        {
          "type": "find_sec_bugs_type",
          "name": "Find Security Bugs-HARD_CODE_KEY",
          "value": "HARD_CODE_KEY",
          "url": "https://find-sec-bugs.github.io/bugs.htm#HARD_CODE_KEY"
        },
        {
          "type": "cwe",
          "name": "CWE-321",
          "value": "321",
          "url": "https://cwe.mitre.org/data/definitions/321.html"
        }
      ]
    },
    {
      "id": "5",
      "category": "sast",
      "name": "ECB mode is insecure",
      "message": "ECB mode is insecure",
      "description": "The cipher uses ECB mode, which provides poor confidentiality for encrypted data",
      "cve": "ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE:app/src/main/groovy/com/gitlab/security_products/tests/App.groovy:29",
      "severity": "Medium",
      "confidence": "High",
      "scanner": {
        "id": "find_sec_bugs",
        "name": "Find Security Bugs"
      },
      "location": {
        "file": "app/src/main/groovy/com/gitlab/security_products/tests/App.groovy",
        "start_line": 29,
        "end_line": 29,
        "class": "com.gitlab.security_products.tests.App",
        "method": "insecureCypher"
      },
      "identifiers": [
        {
          "type": "find_sec_bugs_type",
          "name": "Find Security Bugs-ECB_MODE",
          "value": "ECB_MODE",
          "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE"
        },
        {
          "type": "cwe",
          "name": "CWE-327",
          "value": "327",
          "url": "https://cwe.mitre.org/data/definitions/327.html"
        }
      ]
    }
  ],
  "remediations": [

  ],
  "scan": {
    "analyzer": {
      "id": "find_sec_bugs_analyzer",
      "name": "Find Security Bugs Analyzer",
      "url": "https://gitlab.com",
      "vendor": {
        "name": "GitLab"
      },
      "version": "1.0.0"
    },
    "scanner": {
      "id": "find_sec_bugs",
      "name": "Find Security Bugs",
      "url": "https://spotbugs.github.io",
      "vendor": {
        "name": "GitLab"
      },
      "version": "4.0.2"
    },
    "type": "sast",
    "status": "success",
    "start_time": "2022-08-10T22:37:00",
    "end_time": "2022-08-10T22:38:00"
  }
}
